Overview

overview

10

Static

static

1

6cec8e58bb...JC.xls

windows7-x64

10

6cec8e58bb...JC.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-08-2023 09:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6cec8e58bbf6ebe3e4a3baa2310307930d5a84839a0edbdb630aef6c1fddc9f6xls_JC.xls

  • Size

    1.6MB

  • MD5

    d1a5f0d011f958e14d46dbf301707a15

  • SHA1

    03a175fe4db4f4fcaee3899f0f0e4c0e71a5ccda

  • SHA256

    6cec8e58bbf6ebe3e4a3baa2310307930d5a84839a0edbdb630aef6c1fddc9f6

  • SHA512

    87c33f02f35bf4679695e0473ad48c4c9674f3c548c065ee1c1f4d862ec195e4ffce3ae8d9eff3258367b88f492d8cddb7f7ef661c05a3469a9ad0771c9057fc

  • SSDEEP

    49152:OQmmQ30mupF6VUQmmQ3030V6VXiNhv3t3bXXm7PuaMo0:OpmQkmmmUpmQk3cmXMhhX/a

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\6cec8e58bbf6ebe3e4a3baa2310307930d5a84839a0edbdb630aef6c1fddc9f6xls_JC.xls"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:2120

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.MSO\16FD4A1D.emf
    Filesize

    1.4MB

    MD5

    a01b9617553432807b9b58025b338d97

    SHA1

    439bdcc450408b9735b2428c2d53d2e6977fa58c

    SHA256

    7a0426ed2e2349916969ff7087c0f76089fb8ce7f4627f3d11ccbc1aaefcedce

    SHA512

    312cc2563fa865d6a939fea85a520627c73ed9a95bafc98c89495f21d535dc658825be74b64f0f5c5815d1d234fc6e77a71779247e4973e39ba8dccec2f09bee

    Download Submit

  • memory/2120-158-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-139-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-136-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-159-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-137-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-140-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-141-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-160-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-142-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-143-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-144-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-145-0x00007FFD63830000-0x00007FFD63840000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-146-0x00007FFD63830000-0x00007FFD63840000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-161-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-155-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-134-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-138-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-135-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-156-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-162-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-163-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-164-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-165-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-166-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-167-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-168-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-169-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2120-133-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-207-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-208-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-209-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-210-0x00007FFD65DD0000-0x00007FFD65DE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2120-211-0x00007FFDA5D50000-0x00007FFDA5F45000-memory.dmp

    Filesize

    2.0MB

    Download